Common Secure Shell passwords unveiled

Best thing one can do along with a strong SSH password is to run the SSH daemon on a non-standard port. That blocks out 80% of all these script kiddies who have a tendency to scan port 22 only.

Also, firewalling out all IP ranges except your own will be good but it is not always practical.
 
It actually shows how ignorant most admins are as well... We mostly think that our users will not think of such easy-to-guess passwords to get into a system... But we do not always think of those who are not a normal "l"user and want to get into your systems and cause some problems...
 
Thing that irritates me is over-zealous web-masters like banks that insist on creating a convoluted password that you can't remember and have to commit to writing down somewhere.

Forcing you to change your PW every month ends up creating: pwordjan pwordfeb pwordmar etc etc all self-defeating.
 
Most common password is still: *********

What, no way, I've the same password!

Also, some common passwords are swear words; not so clever when you have to give your password to your mom.

I used to work at a company and I knew over 30 different people's passwords. Some were weird, like
Aphr0dity (the Greek goddess of love), and some, like "patch", were the name of a dog.
But the longest was 12 letters, 3 numbers and a wildcard, and it was a totally nonsense word.
I would tell you what it was but I may want to use it in the future.
 
I use the same password on all my sites. From FB to Twitter to Gmail to Y! Mail to my phone to my Linux to my Windows to everything, even SSH here @ school :D
 
This reminds me to do my password review for information-critical sites.
 
Oi vey. This is ridiculous.
Nice tip on changing the default port...
I think I may just do that on my new server.
 
PC: Please enter new password
Me: OK, [types in "Penis"]
PC: Sorry, your password is too short
 
It actually shows how ignorant most admins are as well... We mostly think that our users will not think of such easy-to-guess passwords to get into a system... But we do not always think of those who are not a normal "l"user and want to get into your systems and cause some problems...

My experience has been that, even if I force long alpha numeric passwords, people in the end just write them down and stick them on the monitor or desk drawer and share them with their friends.
 